Identity Management and Attributes in GENI


Tom Mitchell
GEC 11, July 26, 2011
Sponsored by the National Science Foundation

Slide 2: Agenda
- Identity Management 101
- Review GEC 10 Community Agreement
- Review GEC 10 Next Steps
- Identity Portal Status
- Identity Portal Demonstration
- Next Steps

Slide 3: Identity Management For GENI
- Why add external identity providers to GENI?
  - Using external identity providers can make it easy for experimenters to access GENI.
  - They use existing accounts for authentication.
- Why join the InCommon Federation?
  - There are over 200 Higher Education Participants in the InCommon Federation
  - Many potential GENI experimenters already have InCommon accounts
- How does GENI benefit?
  - More experimenters can gain access to GENI

Slide 4: Identity Management 101
- Web-based Single Sign On (SSO)
- Lots of examples you may already be familiar with:
  - Google (OpenID)
  - Yahoo! (OpenID)
  - Facebook (OAuth)
  - Twitter (OAuth)
- These are all examples of Federated Identity

Slide 5: Identity Management 101
- Connecting People With Services
- [Diagram: Identity Providers, Service Providers]

Slide 6: Identity Management 101
Identity Providers
- Manage: Accounts, Passwords, Attributes
- Assert: Authentication, Attributes
- Trust Service Providers
- Examples: Google, Yahoo, Facebook, Twitter, Your College/University
Service Providers
- Provide services
- Outsource password management
- Trust Identity Providers
- Examples:
  - CNN.com (Facebook)
  - ESPN.com (Facebook)
  - TypePad (Google, Yahoo, Facebook, Twitter, etc.)
  - Washington Post (Facebook)
  - twitpic.com (Twitter)

Slide 7: Identity Management 101
- [Diagram: Identity Providers, Service Providers]

Slide 8: Bridging Federations
- The GENI Identity Portal is a member of both federations
- [Diagram labels: GENI Federation, Identity Provider, Clearinghouse, InCommon Federation, GENI Identity Portal, Agg (four boxes)]
- The GENI Identity Portal fulfills obligations to each federation

Slide 9: Bridging Federations
The GENI Identity Portal:
- Acts as an InCommon Service Provider
  - Gets experimenter attributes from InCommon identity providers through SAML assertions
- Acts as a GENI slice authority
  - Generates GENI-compatible user certificates
  - Generates GENI-compatible slice credentials

Slide 10: GEC 10 Community Agreement
- Add external identity providers to GENI
- GPO should build a prototype, InCommon compatible, GENI identity portal / slice authority
- Agreed on an initial set of required identity attributes
  - Name
  - Institution
  - Affiliation
  - Email address
  - Phone number

Slide 11: GEC 10 Next Steps
- GPO will build a prototype portal / slice authority that accepts InCommon logons and produces slice credentials
  - Build a portal
  - Become an InCommon service provider
  - Work with a few test institutions to get desired attributes from their identity providers
  - Federate with a few GENI Aggregates
- Demonstrate this portal at GEC11
- Pending group evaluation, expand this portal to other institutions and aggregates

Slide 12: Status: Build A Portal
- Prototype GENI Identity Portal implemented
- Integrated with Shibboleth for InCommon compatibility
- Produces GENI-compatible certificates and credentials
- Home-grown PHP web site
  - Still investigating toolkits like CoManage, Drupal, etc.
- Demo in a few minutes

Slide 13: Status: InCommon Membership
- GENI Project Office became a member of the InCommon Federation on July 13, 2011
- GENI is part of a new category of InCommon Membership: Research Organizations
- One of 12 Government and Nonprofit Laboratories, Research Centers, and Agencies

Slide 14: Status: Federate With Institutions
- We are just starting this process
  - Now that we are members of InCommon we can begin
- Negotiate With Institutions For Attributes
  - Anonymous attributes are readily available but GENI needs a few identifying attributes
  - Name, email, phone
- Planning to work with a few institutions at first, then add more
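An added example, not the GENI portal's own code: one way a service provider could check whether an identity provider released the attributes agreed at GEC 10 (read here as name, institution, affiliation, email address and phone number) before issuing a user certificate, and distinguish an anonymous-only release from an incomplete one. The eduPerson/inetOrgPerson attribute names and the sample releases are assumptions; each identity provider's actual release has to be negotiated and mapped.

```python
import re

# GENI-required attribute -> released attribute names to try, in order.
# The right-hand names are assumed eduPerson/inetOrgPerson names.
REQUIRED = {
    "name": ("displayName", "cn"),
    "institution": ("o",),
    "affiliation": ("eduPersonScopedAffiliation", "eduPersonAffiliation"),
    "email": ("mail",),
    "phone": ("telephoneNumber",),
}
IDENTIFYING = ("name", "email", "phone")  # identifying subset the slides call out


def split_values(raw):
    """Split a Shibboleth-style multi-valued string on unescaped ';'."""
    if not raw:
        return []
    parts = re.split(r"(?<!\\);", raw)
    return [p.replace("\\;", ";").strip() for p in parts if p.strip()]


def evaluate_release(attrs):
    """Map released attributes to the required set and decide on issuance."""
    profile = {}
    for field, sources in REQUIRED.items():
        for src in sources:
            values = split_values(attrs.get(src))
            if values:
                profile[field] = values
                break
    missing = [f for f in REQUIRED if f not in profile]
    if not missing:
        decision = "issue"
    elif not any(f in profile for f in IDENTIFYING):
        decision = "anonymous-only"  # only opaque or role attributes released
    else:
        decision = "incomplete"
    return {"decision": decision, "missing": missing, "profile": profile}


# Constructed sample releases (not captured from any real identity provider)
FULL = {"displayName": "Pat Example", "o": "Example University",
        "eduPersonScopedAffiliation": "faculty@example.edu;member@example.edu",
        "mail": "pat@example.edu", "telephoneNumber": "+1 555 0100"}
ANON = {"eduPersonTargetedID": "constructed-opaque-id",
        "eduPersonScopedAffiliation": "student@example.edu"}
PARTIAL = {"displayName": "Pat Example", "mail": "pat@example.edu",
           "eduPersonAffiliation": "staff"}
```

The `missing` list is what would drive the attribute negotiation with a given institution.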

Slide 15: Status: Federate With GENI Aggregates
- Temporarily federated with a few ProtoGENI aggregates
- Federating with more aggregates should be easy, it is a simple matter of trust
- The portal looks like a slice authority to GENI aggregates
  - Issues user certificates and slice credentials

Slide 16: DEMO

Slide 17: Agenda
- Identity Management 101
- Review GEC 10 Community Agreement
- Review GEC 10 Next Steps
- Identity Portal Status
- Identity Portal Demonstration
- Next Steps

Slide 18: Next Steps: InCommon
- Publish Participant Operational Practices (POP)
- Publish Service Provider Metadata
- Negotiate For Attributes From A Few Institutions
  - Anonymous attributes are readily available
  - GENI needs a few identifying attributes

Slide 19: Next Steps: Identity Portal
What's missing:
- Proper certificate management: outsource or build?
  - Protected signing key
  - Certificate Revocation List (CRL)
- Programmatic access to Slice Authority functions
- Programmatic access to Registry functions
- Management/Operations integration
  - Publish monitoring data
  - Tie into GENI operational infrastructure
- Slice expiration
- Projects, Groups, Sharing Slices
- Etc.

Slide 20: THE END.